﻿<!--#include file="conn.asp"-->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
    <title></title>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
    <link href="images/style.css" type="text/css" rel="stylesheet">
    <meta content="MSHTML 6.00.3790.0" name="GENERATOR">
</head>
<body style="font-size: 12px; v-text-align: center" leftmargin="0" topmargin="3"
    align="center" marginheight="0" marginwidth="0">
    <%if request("act")="del" then
conn.execute("delete from admin where id in("&request("id")&")")
conn.close
set conn=nothing
response.redirect Request.ServerVariables("HTTP_REFERER")
response.end
end if%>
    <%if request("act")="lock" then
conn.execute("update admin set lockuser = ("&request("lock")&") where id in("&request("id")&")")
conn.close
set conn=nothing
response.redirect Request.ServerVariables("HTTP_REFERER")
response.end
end if%>
    <%if request("act")="save" then
id=request.QueryString("id")
username=request.form("username")
password=request.form("password")
if username="" then
response.write("<script>alert('用户名称不能为空!');history.go(-1);</script>")
response.end
end if
if password="" then
response.write("<script>alert('用户密码不能为空!');history.go(-1);</script>")
response.end
end if
set rs=server.createobject("adodb.recordset")
sql="select * from admin where id="&id
rs.open sql,conn,1,3
rs("username")=username
rs("password")=password
rs.Update
rs.Close
set rs=nothing 
response.write("<script>alert('成功：修改用户资料成功!');location='admin_user.asp'</script>")
response.end
end if
if request("act")="join" then
username=request.form("username")
password=request.form("password")
if username="" then
response.write("<script>alert('用户名称不能为空!');history.go(-1);</script>")
response.end
end if
if password="" then
response.write("<script>alert('用户密码不能为空!');history.go(-1);</script>")
response.end
end if
set rs=server.createobject("adodb.recordset")
sql="select * from admin"
rs.open sql,conn,1,3
rs.AddNew
rs("username")=username
rs("password")=password
rs.Update
rs.Close
set rs=nothing 
response.write("<script>alert('成功：新建后台用户成功!');location='admin_user.asp'</script>")
response.end
end if%>
    <%if request("act")="modify" then
id=request.QueryString("id")
set rs=server.createobject("adodb.recordset")
sql="select * from admin where id="&id
rs.open sql,conn,1,3
    %>
    <table width="98%" border="0" align="center" cellpadding="4" cellspacing="1" bgcolor="#CCCCCC">
        <form name="form1" method="post" action="superuser.asp?id=<%=id%>&act=save">
        <tr bgcolor="3972B4">
            <td colspan="2" bgcolor="e7e7e7">
                <div align="center">
                    <strong><font color="#000000">修改
                        <%=rs("username")%>
                        用户资料</font></strong></div>
            </td>
        </tr>
        <tr bgcolor="#CCCCCC">
            <td width="19%" bgcolor="#FFFFFF">
                <div align="right">
                    用户名称：</div>
            </td>
            <td width="81%" bgcolor="#FFFFFF">
                <input name="username" type="text" id="username" value="<%=rs("username")%>" size="20">
            </td>
        </tr>
        <tr bgcolor="#CCCCCC">
            <td bgcolor="#FFFFFF">
                <div align="right">
                    用户密码：</div>
            </td>
            <td bgcolor="#FFFFFF">
                <input name="password" type="password" id="password" value="<%=rs("password")%>"
                    size="20">
            </td>
        </tr>
        <tr bgcolor="#CCCCCC">
            <td colspan="2" bgcolor="#FFFFFF">
                <div align="center">
                    <input type="submit" name="Submit" class="Submit" value="确定修改">
                </div>
            </td>
        </tr>
        </form>
    </table>
    <%
rs.close
set rs=nothing 
end if%>
    <%if request("act")="new" then
    %>
    <table width="98%" border="0" align="center" cellpadding="4" cellspacing="1" bgcolor="#CCCCCC">
        <form name="form1" method="post" action="superuser.asp?id=<%=id%>&act=join">
        <tr bgcolor="3972B4">
            <td colspan="2" bgcolor="e7e7e7">
                <div align="center">
                    <strong><font color="#000000">新建管理员</font></strong></div>
            </td>
        </tr>
        <tr bgcolor="#ffffff">
            <td width="19%">
                <div align="right">
                    用户名称：</div>
            </td>
            <td width="81%">
                <input name="username" type="text" id="username" value="" size="20">
            </td>
        </tr>
        <tr bgcolor="#ffffff">
            <td>
                <div align="right">
                    用户密码：</div>
            </td>
            <td>
                <input name="password" type="text" id="password" value="" size="20">
            </td>
        </tr>
        <tr bgcolor="#ffffff">
            <td colspan="2">
                <div align="center">
                    <input type="submit" name="Submit" class="Submit" value="新建">
                </div>
            </td>
        </tr>
        </form>
    </table>
</body>
</html>
<%
end if%>